package io.quarkus.resteasy.reactive.server.test.security;

import io.quarkus.security.test.utils.TestIdentityController;
import io.quarkus.security.test.utils.TestIdentityProvider;
import io.quarkus.test.QuarkusUnitTest;
import io.restassured.RestAssured;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.MultivaluedMap;
import jakarta.ws.rs.ext.MessageBodyReader;
import jakarta.ws.rs.ext.Provider;
import java.io.IOException;
import java.io.InputStream;
import java.lang.annotation.Annotation;
import java.lang.reflect.Type;
import java.util.Arrays;
import org.awaitility.Awaitility;
import org.hamcrest.Matcher;
import org.hamcrest.Matchers;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;

/* loaded from: input_file:io/quarkus/resteasy/reactive/server/test/security/RolesAllowedJaxRsTestCase.class */
public class RolesAllowedJaxRsTestCase {

    @RegisterExtension
    static QuarkusUnitTest runner = new QuarkusUnitTest().withApplicationRoot(javaArchive -> {
        javaArchive.addClasses(new Class[]{RolesAllowedResource.class, UserResource.class, RolesAllowedBlockingResource.class, SerializationEntity.class, SerializationRolesResource.class, TestIdentityProvider.class, TestIdentityController.class, UnsecuredSubResource.class, RolesAllowedService.class, RolesAllowedServiceResource.class});
    });
    static volatile boolean read = false;

    @Provider
    /* loaded from: input_file:io/quarkus/resteasy/reactive/server/test/security/RolesAllowedJaxRsTestCase$Reader.class */
    public static class Reader implements MessageBodyReader<SerializationEntity> {
        public boolean isReadable(Class<?> cls, Type type, Annotation[] annotationArr, MediaType mediaType) {
            return true;
        }

        public SerializationEntity readFrom(Class<SerializationEntity> cls, Type type, Annotation[] annotationArr, MediaType mediaType, MultivaluedMap<String, String> multivaluedMap, InputStream inputStream) throws IOException, WebApplicationException {
            RolesAllowedJaxRsTestCase.read = true;
            SerializationEntity serializationEntity = new SerializationEntity();
            serializationEntity.setName("read");
            return serializationEntity;
        }

        /* renamed from: readFrom, reason: collision with other method in class */
        public /* bridge */ /* synthetic */ Object m218readFrom(Class cls, Type type, Annotation[] annotationArr, MediaType mediaType, MultivaluedMap multivaluedMap, InputStream inputStream) throws IOException, WebApplicationException {
            return readFrom((Class<SerializationEntity>) cls, type, annotationArr, mediaType, (MultivaluedMap<String, String>) multivaluedMap, inputStream);
        }
    }

    @BeforeAll
    public static void setupUsers() {
        TestIdentityController.resetRoles().add("admin", "admin", new String[]{"admin"}).add("user", "user", new String[]{"user"});
    }

    @Test
    public void testRolesAllowed() {
        Arrays.asList("/roles", "/roles-blocking").forEach(str -> {
            RestAssured.get(str, new Object[0]).then().statusCode(401);
            RestAssured.given().auth().basic("admin", "admin").get(str, new Object[0]).then().statusCode(200);
            RestAssured.given().auth().basic("user", "user").get(str, new Object[0]).then().statusCode(200);
            RestAssured.given().auth().basic("admin", "admin").get(str + "/admin", new Object[0]).then().statusCode(200);
            RestAssured.given().auth().basic("user", "user").get(str + "/admin", new Object[0]).then().statusCode(403);
        });
    }

    @Test
    public void testUser() {
        RestAssured.get("/user", new Object[0]).then().body(Matchers.is(""), new Matcher[0]);
        RestAssured.given().auth().preemptive().basic("admin", "admin").get("/user", new Object[0]).then().statusCode(200).body(Matchers.is("admin"), new Matcher[0]);
        RestAssured.given().auth().basic("admin", "admin").get("/user", new Object[0]).then().body(Matchers.is(""), new Matcher[0]);
        RestAssured.given().auth().basic("user", "user").get("/user", new Object[0]).then().body(Matchers.is(""), new Matcher[0]);
        RestAssured.given().auth().preemptive().basic("user", "user").get("/user", new Object[0]).then().body(Matchers.is("user"), new Matcher[0]);
    }

    @Test
    public void testNestedRolesAllowed() {
        RestAssured.given().auth().basic("admin", "admin").get("/roles-service/hello", new Object[0]).then().statusCode(200).body(Matchers.is(RolesAllowedService.SERVICE_HELLO), new Matcher[0]);
        RestAssured.given().auth().basic("user", "user").get("/roles-service/hello", new Object[0]).then().statusCode(403);
    }

    @Test
    public void testSecurityRunsBeforeValidation() {
        read = false;
        RestAssured.given().body(new SerializationEntity()).post("/roles-validate", new Object[0]).then().statusCode(401);
        Assertions.assertFalse(read);
        RestAssured.given().body(new SerializationEntity()).auth().basic("admin", "admin").post("/roles-validate", new Object[0]).then().statusCode(200);
        Assertions.assertTrue(read);
        read = false;
        RestAssured.given().body(new SerializationEntity()).auth().basic("user", "user").post("/roles-validate", new Object[0]).then().statusCode(200);
        Assertions.assertTrue(read);
        read = false;
        RestAssured.given().body(new SerializationEntity()).auth().basic("admin", "admin").post("/roles-validate/admin", new Object[0]).then().statusCode(200);
        Assertions.assertTrue(read);
        read = false;
        RestAssured.given().body(new SerializationEntity()).auth().basic("user", "user").post("/roles-validate/admin", new Object[0]).then().statusCode(403);
        Assertions.assertFalse(read);
    }

    @Test
    public void testSecurityInterceptorsAfterHttpRequestCompleted() {
        RestAssured.given().auth().preemptive().basic("user", "user").body("message one").post("/roles-service/secured-event-bus", new Object[0]).then().statusCode(204);
        Awaitility.await().until(() -> {
            return Boolean.valueOf(!RolesAllowedService.EVENT_BUS_MESSAGES.isEmpty());
        });
        Assertions.assertEquals(1, RolesAllowedService.EVENT_BUS_MESSAGES.size(), RolesAllowedService.EVENT_BUS_MESSAGES.toString());
        Assertions.assertEquals("permit all message one", RolesAllowedService.EVENT_BUS_MESSAGES.get(0));
    }
}
